Latest on General

(Microsoft announces end of mainstream support for MBAM as of July 2019)

WinMagic’s CEO, THI NGUYEN-HUU, has blogged in the past about the ideal architecture for Full Drive Encryption, and Key Management (Separating Encryption and Key Management). By separating key management, which includes authentication, from the actual encryption layer, one is able to use a single key manager for many platforms while allowing the best individual encryption solutions to be selected and used for each use case where storage encryption is needed.

In the past few weeks I have been looking into the fallout from the paper [PDF] by Carlo Meijer and Bernard van Gastel from Radboud University, the Netherlands titled “Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)”.

From the paper’s abstract: “In theory, the security guarantees offered by hardware encryption are similar to or better than software implementations. In reality, we found that many hardware implementations have critical security weaknesses, for many models allowing for complete recovery of the data without knowledge of any secret” … “This challenges the view that hardware encryption is preferable over software encryption. We conclude that one should not rely solely on hardware encryption offered by SSDs.”

For me, the title of this blog entry isn’t just a marketing slogan or a catch phrase. It’s something that I take very seriously because, just like the metrics that I keep track of, acting on feedback from customers allows the Technical Support team here at WinMagic to improve to serve you better. That’s the key reason why you get a survey when a case is closed. I want to know what your support experience was like so that I know what went well, and what we can improve upon. Rest assured, when I get feedback I do act upon it.

An international law firm and longtime customer of WinMagic has leveraged our flagship encryption and key management platform – SecureDoc Enterprise Server – to protect thousands of endpoint devices against loss or theft. In this era of digital transformation though, protecting endpoints is only one of many projects within their security and risk management portfolio. Now as the organization aim to leverage the undeniable benefits of cloud computing, IT had a new mandate to move their existing server infrastructure to Microsoft Azure. Security and compliance risks could no longer prevent cloud migration, despite concerns about undisclosed access to sensitive workloads; particularly those related to client cases, which could be subject to subpoena or government access.

Microsoft’s reasoning that you don’t need PBA because the known memory attacks are difficult to pull off on most modern hardware is simply wrong because the threat is much more than just those attacks.”

The Cold Book Attack was resurrected last week by some researchers at f-secure https://press.f-secure.com/2018/09/13/firmware-weakness-in-modern-laptops-exposes-encryption-keys/ . I would like to provide some context for both the exploit and the mitigations because the cold boot attack is just the tip of the iceberg. But first, if you don’t want to know the details, there are steps that organizations can take to protect against Cold Boot attacks on PC’s and Macs when using SecureDoc including:

It has been awhile since I last wrote about computer forensics and encryption so it is time for an update.

First, what is Computer Forensics? According to Wikipedia, Computer forensics is, “a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information.” In short it is like data recovery, but with additional guidelines and practices designed to create a legal “audit trail” that could be used in court if need be.

I once worked for a company who didn’t believe in Technical Support employees working from home, despite having all the technology in place to allow that to happen. Their reasoning? Technical Support employees couldn’t be effective if they were not in the office. I’ve always thought that thinking was flawed, and my experiences with the work from home policy that WinMagic has in place reinforces that belief.

I once again had the pleasure and privilege to attend the RSA Security conference in San Francisco, CA. rsaconference.com/events/us18. The conference keynotes, sessions and sidebar conversations were a good opportunity to see what the hot topics in security are. I attended a broad selection of sessions. Here are five diverse observations that I came away with:

The Site is open to the public. Therefore, consider your comments carefully and do not include anything in a comment that you would like to keep private. By uploading or otherwise making available any information to WinMagic in the form of user generated comments or otherwise, you grant Winmagic the unlimited, perpetual right to distribute, display, publish, reproduce, reuse and copy the information contained therein.

You are responsible for the content you post. You may not impersonate any other person through the blog. You may not post content that is obscene, defamatory, threatening, fraudulent, invasive of another person’s privacy rights, or is otherwise unlawful. You may not post content that infringes the intellectual property rights of any other person or entity. You may not post any content that contains any computer viruses or any other code designed to disrupt, damage, or limit the functioning of any computer software or hardware.

By submitting or posting content on the blog, you grant WinMagic and any company substantially under its control, the right to remove any content or comment that, in WinMagic’s sole judgment, does not comply with the posting guideline, the terms of this website or is otherwise objectionable. You also grant WinMagic and any company substantially under its control the right to modify, adapt, and edit any content.

Your use of this blog is subject to the terms of use of the website on which this blog is hosted blog.winmagic.com. Because WinMagic values your thoughtful opinions, we encourage you to add a comment to this discussion. However, please don’t be offended if we edit your comments for clarity or to keep out questionable matters, and we may even delete off-topic comments. Any opinions expressed within the blog are those of the author and not necessarily held by WinMagic itself. The information on this blog may be changed without notice and is not guaranteed to be complete, correct, timely, current or up-to-date. Similar to any printed materials, the information on this blog may become out-of-date. Winmagic undertakes no obligation to update any information on the blog; provided, however, that WinMagic may update the information on this blog at any time without notice in WinMagic’s sole and absolute discretion.